--- apiVersion: apps/v1 kind: DaemonSet metadata: annotations: deprecated.daemonset.template.generation: "1" kubernetes.io/description: | This daemon set launches the Multus networking component on each node. release.openshift.io/version: 0.0.1-2020-05-26-050349 creationTimestamp: "2020-05-26T14:15:49Z" generation: 1 managedFields: - apiVersion: apps/v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:deprecated.daemonset.template.generation: {} f:kubernetes.io/description: {} f:release.openshift.io/version: {} f:ownerReferences: .: {} k:{"uid":"50031c94-522c-48d8-9c65-ba159c57d100"}: .: {} f:apiVersion: {} f:blockOwnerDeletion: {} f:controller: {} f:kind: {} f:name: {} f:uid: {} f:spec: f:revisionHistoryLimit: {} f:selector: f:matchLabels: .: {} f:app: {} f:template: f:metadata: f:labels: .: {} f:app: {} f:component: {} f:openshift.io/component: {} f:type: {} f:spec: f:containers: k:{"name":"kube-multus"}: .: {} f:args: {} f:command: {} f:env: .: {} k:{"name":"KUBERNETES_SERVICE_HOST"}: .: {} f:name: {} f:value: {} k:{"name":"KUBERNETES_SERVICE_PORT"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/host/etc/cni/net.d"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/host/opt/cni/bin"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/host/var/run/multus/cni/net.d"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:hostNetwork: {} f:initContainers: .: {} k:{"name":"cni-plugins"}: .: {} f:command: {} f:env: .: {} k:{"name":"DEFAULT_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} k:{"name":"RHEL7_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} k:{"name":"RHEL8_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/entrypoint"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/host/etc/os-release"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/host/opt/cni/bin"}: .: {} f:mountPath: {} f:name: {} k:{"name":"multus-binary-copy"}: .: {} f:command: {} f:env: .: {} k:{"name":"DEFAULT_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} k:{"name":"RHEL7_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} k:{"name":"RHEL8_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/entrypoint"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/host/etc/os-release"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/host/opt/cni/bin"}: .: {} f:mountPath: {} f:name: {} k:{"name":"routeoverride-cni"}: .: {} f:command: {} f:env: .: {} k:{"name":"DEFAULT_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} k:{"name":"RHEL7_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} k:{"name":"RHEL8_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/entrypoint"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/host/etc/os-release"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/host/opt/cni/bin"}: .: {} f:mountPath: {} f:name: {} k:{"name":"whereabouts-cni"}: .: {} f:command: {} f:env: .: {} k:{"name":"CNI_BIN_DIR"}: .: {} f:name: {} f:value: {} k:{"name":"CNI_CONF_DIR"}: .: {} f:name: {} f:value: {} k:{"name":"KUBERNETES_SERVICE_HOST"}: .: {} f:name: {} f:value: {} k:{"name":"KUBERNETES_SERVICE_PORT"}: .: {} f:name: {} f:value: {} k:{"name":"SLEEP"}: .: {} f:name: {} f:value: {} k:{"name":"WHEREABOUTS_NAMESPACE"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/host/etc/cni/net.d"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/host/opt/cni/bin"}: .: {} f:mountPath: {} f:name: {} k:{"name":"whereabouts-cni-bincopy"}: .: {} f:command: {} f:env: .: {} k:{"name":"DEFAULT_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} k:{"name":"RHEL7_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} k:{"name":"RHEL8_SOURCE_DIRECTORY"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/entrypoint"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/host/etc/os-release"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/host/opt/cni/bin"}: .: {} f:mountPath: {} f:name: {} f:nodeSelector: .: {} f:kubernetes.io/os: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"cni-binary-copy"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"cnibin"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"multus-cni-dir"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"os-release"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"system-cni-dir"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} f:updateStrategy: f:rollingUpdate: .: {} f:maxUnavailable: {} f:type: {} f:status: f:currentNumberScheduled: {} f:desiredNumberScheduled: {} manager: cluster-network-operator operation: Update time: "2020-05-26T16:29:50Z" - apiVersion: apps/v1 fieldsType: FieldsV1 fieldsV1: f:status: f:numberAvailable: {} f:numberReady: {} manager: kube-controller-manager operation: Update time: "2020-05-26T16:30:16Z" name: multus namespace: openshift-multus ownerReferences: - apiVersion: operator.openshift.io/v1 blockOwnerDeletion: true controller: true kind: Network name: cluster uid: 50031c94-522c-48d8-9c65-ba159c57d100 resourceVersion: "52896" selfLink: /apis/apps/v1/namespaces/openshift-multus/daemonsets/multus uid: 546bb026-9451-44c6-b5bd-32d644e26f49 spec: revisionHistoryLimit: 10 selector: matchLabels: app: multus template: metadata: creationTimestamp: null labels: app: multus component: network openshift.io/component: network type: infra spec: containers: - args: - --multus-conf-file=auto - --multus-autoconfig-dir=/host/var/run/multus/cni/net.d - --multus-kubeconfig-file-host=/etc/kubernetes/cni/net.d/multus.d/multus.kubeconfig - --readiness-indicator-file=/var/run/multus/cni/net.d/10-ovn-kubernetes.conf - --cleanup-config-on-exit=true - --namespace-isolation=true - --multus-log-level=verbose - --cni-version=0.3.1 - --additional-bin-dir=/opt/multus/bin - --skip-multus-binary-copy=true command: - /entrypoint.sh env: - name: KUBERNETES_SERVICE_PORT value: "6443" - name: KUBERNETES_SERVICE_HOST value: api-int.test-sinny-asset1.devcluster.openshift.com image: registry.svc.ci.openshift.org/ci-ln-6vywnkk/stable@sha256:c51aeeee3afa67a7adf44f6712c730f52beca54680705fc96a5277d02f727eb4 imagePullPolicy: IfNotPresent name: kube-multus resources: requests: cpu: 10m memory: 150Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /host/etc/cni/net.d name: system-cni-dir - mountPath: /host/var/run/multus/cni/net.d name: multus-cni-dir - mountPath: /host/opt/cni/bin name: cnibin dnsPolicy: ClusterFirst hostNetwork: true initContainers: - command: - /entrypoint/cnibincopy.sh env: - name: RHEL7_SOURCE_DIRECTORY value: /usr/src/multus-cni/rhel7/bin/ - name: RHEL8_SOURCE_DIRECTORY value: /usr/src/multus-cni/rhel8/bin/ - name: DEFAULT_SOURCE_DIRECTORY value: /usr/src/multus-cni/bin/ image: registry.svc.ci.openshift.org/ci-ln-6vywnkk/stable@sha256:c51aeeee3afa67a7adf44f6712c730f52beca54680705fc96a5277d02f727eb4 imagePullPolicy: IfNotPresent name: multus-binary-copy resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /entrypoint name: cni-binary-copy - mountPath: /host/opt/cni/bin name: cnibin - mountPath: /host/etc/os-release name: os-release readOnly: true - command: - /entrypoint/cnibincopy.sh env: - name: RHEL7_SOURCE_DIRECTORY value: /usr/src/plugins/rhel7/bin/ - name: RHEL8_SOURCE_DIRECTORY value: /usr/src/plugins/rhel8/bin/ - name: DEFAULT_SOURCE_DIRECTORY value: /usr/src/plugins/bin/ image: registry.svc.ci.openshift.org/ci-ln-6vywnkk/stable@sha256:843a4f4f987f484d383b9c30da9fafb02c81db859d532cb51c0691a86ca3e46c imagePullPolicy: IfNotPresent name: cni-plugins resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /entrypoint name: cni-binary-copy - mountPath: /host/opt/cni/bin name: cnibin - mountPath: /host/etc/os-release name: os-release readOnly: true - command: - /entrypoint/cnibincopy.sh env: - name: RHEL7_SOURCE_DIRECTORY value: /usr/src/route-override/rhel7/bin/ - name: RHEL8_SOURCE_DIRECTORY value: /usr/src/whereabouts/rhel8/bin/ - name: DEFAULT_SOURCE_DIRECTORY value: /usr/src/route-override/bin/ image: registry.svc.ci.openshift.org/ci-ln-6vywnkk/stable@sha256:03f17f4c0c018c8dcf25e1f0c9a1551a0c901d6dcc5faab0979dac1f02da3c08 imagePullPolicy: IfNotPresent name: routeoverride-cni resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /entrypoint name: cni-binary-copy - mountPath: /host/opt/cni/bin name: cnibin - mountPath: /host/etc/os-release name: os-release readOnly: true - command: - /entrypoint/cnibincopy.sh env: - name: RHEL7_SOURCE_DIRECTORY value: /usr/src/whereabouts/rhel7/bin/ - name: RHEL8_SOURCE_DIRECTORY value: /usr/src/whereabouts/rhel8/bin/ - name: DEFAULT_SOURCE_DIRECTORY value: /usr/src/whereabouts/bin/ image: registry.svc.ci.openshift.org/ci-ln-6vywnkk/stable@sha256:7e2f67b2a7bc4719975d097b54c8e0a43f9805c52f351c0dc14394bcf71b062b imagePullPolicy: IfNotPresent name: whereabouts-cni-bincopy resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /entrypoint name: cni-binary-copy - mountPath: /host/opt/cni/bin name: cnibin - mountPath: /host/etc/os-release name: os-release readOnly: true - command: - /bin/sh - -c - | #!/bin/sh set -u -e CNI_BIN_DIR=${CNI_BIN_DIR:-"/host/opt/cni/bin/"} WHEREABOUTS_KUBECONFIG_FILE_HOST=${WHEREABOUTS_KUBECONFIG_FILE_HOST:-"/etc/cni/net.d/whereabouts.d/whereabouts.kubeconfig"} CNI_CONF_DIR=${CNI_CONF_DIR:-"/host/etc/cni/net.d"} # Make a whereabouts.d directory (for our kubeconfig) mkdir -p $CNI_CONF_DIR/whereabouts.d WHEREABOUTS_KUBECONFIG=$CNI_CONF_DIR/whereabouts.d/whereabouts.kubeconfig WHEREABOUTS_GLOBALCONFIG=$CNI_CONF_DIR/whereabouts.d/whereabouts.conf # ------------------------------- Generate a "kube-config" SERVICE_ACCOUNT_PATH=/var/run/secrets/kubernetes.io/serviceaccount KUBE_CA_FILE=${KUBE_CA_FILE:-$SERVICE_ACCOUNT_PATH/ca.crt} SERVICEACCOUNT_TOKEN=$(cat $SERVICE_ACCOUNT_PATH/token) SKIP_TLS_VERIFY=${SKIP_TLS_VERIFY:-false} # Check if we're running as a k8s pod. if [ -f "$SERVICE_ACCOUNT_PATH/token" ]; then # We're running as a k8d pod - expect some variables. if [ -z ${KUBERNETES_SERVICE_HOST} ]; then error "KUBERNETES_SERVICE_HOST not set"; exit 1; fi if [ -z ${KUBERNETES_SERVICE_PORT} ]; then error "KUBERNETES_SERVICE_PORT not set"; exit 1; fi if [ "$SKIP_TLS_VERIFY" == "true" ]; then TLS_CFG="insecure-skip-tls-verify: true" elif [ -f "$KUBE_CA_FILE" ]; then TLS_CFG="certificate-authority-data: $(cat $KUBE_CA_FILE | base64 | tr -d '\n')" fi # Write a kubeconfig file for the CNI plugin. Do this # to skip TLS verification for now. We should eventually support # writing more complete kubeconfig files. This is only used # if the provided CNI network config references it. touch $WHEREABOUTS_KUBECONFIG chmod ${KUBECONFIG_MODE:-600} $WHEREABOUTS_KUBECONFIG cat > $WHEREABOUTS_KUBECONFIG < $WHEREABOUTS_GLOBALCONFIG <